class ActiveSupport::MessageEncryptor
# Decrypts +encrypted_message+ with @secret and returns the plaintext string.
#
# Failures are signalled with +throw :invalid_message_format+ rather than an
# exception, so the caller must run this inside a matching +catch+. Both the
# tag-length rejection and any OpenSSLCipherError raised in the method body go
# through that one tag. The thrown value (a string or the error object) is
# diagnostic detail; keep it out of anything returned to the sender.
#
# NOTE(review): when aead_mode? is false nothing in this method authenticates
# the ciphertext; integrity then has to be enforced by the caller. Confirm
# against the call site.
def decrypt(encrypted_message)
  cipher = new_cipher
  ciphertext, nonce, tag = extract_parts(encrypted_message)

  # Currently the OpenSSL bindings do not raise an error if auth_tag is
  # truncated, which would allow an attacker to easily forge it. See
  # https://github.com/ruby/openssl/issues/63
  # The length check therefore runs before the tag is handed to the cipher.
  throw :invalid_message_format, "truncated auth_tag" if aead_mode? && tag.bytesize != AUTH_TAG_LENGTH

  # Decrypt mode is selected first; key and IV are assigned afterwards.
  cipher.decrypt
  cipher.key = @secret
  cipher.iv = nonce
  if aead_mode?
    cipher.auth_tag = tag
    # Empty associated data: the tag covers the ciphertext only.
    cipher.auth_data = ""
  end

  # The plaintext is returned only if `final` completes; a cipher error from
  # `update` or `final` is rescued below and no partial output is returned.
  cipher.update(ciphertext) << cipher.final
rescue OpenSSLCipherError => e
  # OpenSSLCipherError is defined outside this listing (presumably an alias of
  # the OpenSSL cipher error class; confirm).
  throw :invalid_message_format, e
end